<?php
// Either approves or rejects a plan of study.  Parameters are
// planId : primary key of the plan
// approved : either "true" or "false" [OPTIONAL]
// rejected: either "true" or "false" [OPTIONAL]
// email: email address of the student [REQUIRED IF approve OR rejected]
// comments: comments on this plan of study

session_start();
if ( ! isset( $_SESSION['adminLoggedIn'] ) ) {
   exit;
}

require_once("db.php");

// Is there data coming in?
if ( isset($_POST['planId'] ) ) {
   
   $planId = $_POST['planId'];
   $approved = ( $_POST['approved'] == "true" ? 1 : 0 );
   $rejected = ( $_POST['rejected'] == "true" ? 1 : 0 );
   $email = $_POST['email'];
   $comments = mysql_real_escape_string($_POST['comments']);
   
   $sql = " UPDATE gs_plans SET ";
   
   if ( $approved ) {
      $sql .= " is_approved=1, is_reviewed=1, ";
      
      mail($email,
           "MS-CIS: Plan of Study Accepted",
           "Your plan of study was accepted.",
           "From: gradstudies@cis.gvsu.edu"
      );
   }
   else if ( $rejected ) {
      $sql .= " is_approved=0, is_reviewed=1, ";
      
      mail($email,
           "MS-CIS: Plan of Study Rejected",
           "Your plan of study was rejected.  Please log back into the system to see specific comments and to make corrections.",
           "From: gradstudies@cis.gvsu.edu"
      );
   }

   $sql .= " comments='$comments' WHERE id=$planId";  
         
   $result = my_mysql_query($sql);
}

?>